Commit 9e790c73 authored by Hamza Dely's avatar Hamza Dely
Browse files

[comptes/views] Réécriture de l'API pour l'activation/désactivation d'un compte

parent 5a4d9c55
......@@ -152,4 +152,4 @@ class AdherentSerializer(mixins.DynamicFieldsMixin, serializers.ModelSerializer)
new_password = validated_data.pop('password', '')
if new_password:
instance.set_password(new_password)
super().update(instance, validated_data)
return super().update(instance, validated_data)
......@@ -28,9 +28,9 @@
{% endif %}
{% if user != object and (user.has_perm("comptes.adherent_desactiver", Acl.TOTAL) or (object.type in ['club', 'section'] and user.has_perm("comptes.adherent_desactiver", Acl.ETENDU)) or (object.type == 'personne' and user.has_perm("comptes.adherent_desactiver", Acl.BASIQUE))) %}
{% if object.is_active %}
<a id="idCompteStatus" class="list-group-item list-group-item-warning" href="#" data-adherent-action="désactiver">Désactiver le compte</a>
<a id="idCompteStatus" class="list-group-item list-group-item-warning" href="#" data-adherent-status="actif">Désactiver le compte</a>
{% else %}
<a id="idCompteStatus" class="list-group-item list-group-item-warning" href="#" data-adherent-action="activer">Activer le compte</a>
<a id="idCompteStatus" class="list-group-item list-group-item-warning" href="#" data-adherent-status="inactif">Activer le compte</a>
{% endif %}
{% endif %}
{% if not (object == user) and ((object.type == 'personne' and user.has_perm("comptes.adherent_supprimer", Acl.BASIQUE)) or user.has_perm("comptes.adherent_supprimer", Acl.ETENDU)) %}
......@@ -226,29 +226,36 @@
function changeStatus() {
var status_button = $("#idCompteStatus");
var action_was = status_button.data("adherent-action");
var new_action = null;
var old_status = status_button.data("adherent-status");
var new_status = null;
var new_text = null;
if (action_was == "activer") {
new_action = "désactiver";
if (old_status == "inactif") {
new_status = "actif";
new_text = "Désactiver le compte";
$('#idPseudo').removeClass("bg-warning text-white");
$('#idIdentityCard div.card-header').remove();
} else {
new_action = "activer";
new_status = "inactif";
new_text = "Activer le compte";
$('#idPseudo').addClass("bg-warning text-white");
var title = $(document.createElement("h4")).addClass("text-warning").text("Compte désactivé");
var card_header = $(document.createElement("div")).addClass("card-header text-center").append(title);
$('#idIdentityCard').prepend(card_header);
}
status_button.attr("data-adherent-action", new_action);
status_button.data("adherent-status", new_status);
status_button.text(new_text);
}
$("#idCompteStatus").click(function () {
var action = $(this).data("adherent-action");
xhr('{{ url("api:comptes:adherent-status", kwargs={"pk" : object.pk}) }}', 'PATCH', {'action' : action}, changeStatus, showError);
var adh_status = $(this).data("adherent-status");
var activate = null;
console.log(adh_status);
if (adh_status == "actif") {
activate = false;
} else {
activate = true;
}
xhr('{{ url("api:comptes:adherent-status", kwargs={"pk" : object.pk}) }}', 'PATCH', {'is_active' : activate}, changeStatus, showError);
});
// Ajout/Suppression d'aliases
......
......@@ -439,40 +439,32 @@ class AdherentViewSet(viewsets.GenericViewSet):
Active ou désactive un compte.
Les données doivent :
- être envoyées via une requête PATCH
- contenir un paramètre 'action' pouvant valoir 'activer' ou 'désactiver'
- contenir un paramètre 'is_active' pouvant valoir True ou False
"""
if not request.user.has_perm("comptes.adherent_desactiver", Acl.BASIQUE):
raise PermissionDenied
target_user = self.get_object()
if target_user.id == request.user.id:
return Response(
{"detail" : "Vous ne pouvez pas activer/désactiver votre propre compte"},
status=status.HTTP_403_FORBIDDEN,
)
if request.data.get('action', None) not in ['activer', 'désactiver']:
return Response(
{"detail" : "Paramètre de la requête incorrect"},
status=status.HTTP_400_BAD_REQUEST,
)
if ((target_user.type == Adherent.DEBIT)
and request.user.has_perm("comptes.adherent_desactiver", Acl.TOTAL)):
pass
elif ((target_user.type in [Adherent.CLUB, Adherent.SECTION])
and request.user.has_perm("comptes.adherent_desactiver", Acl.ETENDU)):
pass
elif target_user.type == Adherent.PERSONNE:
pass
elif request.user.has_perm("comptes.adherent_desactiver", Acl.TOTAL):
user_types = [Adherent.DEBIT, Adherent.CLUB, Adherent.SECTION, Adherent.PERSONNE]
elif request.user.has_perm("comptes.adherent_desactiver", Acl.ETENDU):
user_types = [Adherent.CLUB, Adherent.SECTION, Adherent.PERSONNE]
elif request.user.has_perm("comptes.adherent_desactiver", Acl.BASIQUE):
user_types = [Adherent.PERSONNE]
else:
user_types = []
if target_user.type not in user_types:
return Response(
{"detail" : "Vous ne pouvez pas activer ou désactiver ce type de compte"},
{"detail" : "Vous ne pouvez pas activer/désactiver ce type de compte"},
status=status.HTTP_403_FORBIDDEN,
)
target_user.is_active = True if request.data['action'] == 'activer' else False
target_user.save()
serializer = self.get_serializer(target_user, data=request.data, fields=['is_active'])
serializer.is_valid(raise_exception=True)
serializer.save()
return Response({}, status=status.HTTP_204_NO_CONTENT)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment